I’ve been meaning to write blog posts on a regular basis. That’s unfortunately fell to the wayside as I adjusted to my new job as Director Advisor Services as Antigen. I was going to give this as an update but this is a great opportunity to discuss switching jobs within the information security field. I’ve switched jobs within security three times now. Here are a few things I’ve learned.
Observe for three months
I’ve found the most effective thing to do coming into a new role is to speak as little as possible. There’s usually a lot to learn. Listening and asking questions helps to learn the environment and figure out where to help out. I shoot for three months but I’m usually contributing much earlier than that because someone is asking me to help or I volunteer to take on some work that I know will help the organization.
Volunteering can help show initiative and a willingness to contribute to the team and organization. These aren’t the fun tasks either. They’re usually the boring tedious tasks but they’re an opportunity to learn and contribute. Also be prepared to get a “no” when volunteering and that’s okay too.
NO organization has it figured out
From onboarding to performance reviews it’s rare to have an efficient and effective onboarding process. The responsibility is on the manager but most will push it off to Human Resources (HR) which is unfortunate because what you need is different from what others in different departments need. Be prepared to sit around and find stuff to fill the time.
I’ve had more candidates start to ask me about my 30-60-90 day plan for starting. I think it’s a great question. Most managers in my experience don’t have this or they’ll have something but never follow through. Not to say there aren’t organizations that have it figured it out. Most of them are a top 500 company on the stock exchange.
GETTING INTO A NEW ROUTINE TAKES TIME
I am no longer in an 8-5 job. The incident response (IR) space is filled with lots of weird hours including evenings and weekends. After having a schedule with some or no IR work, I now have a job where I am 365/24/7. That’s not to say I don’t have time-off. I just have to adjust my hours.
This can be great as I can run errands, workout, golf, and play video games during the day as long as my work is done. The work is just another incident around the corner. I need to make sure to have my boundaries and communicate that with others. That’s very different from an 8-5 where I’m expected to be in the office. Adjusting to that has taken time.
REMOTE VS OFFICE
There’s a lot more sitting around with remote work. If you’re in an office there’s usually someone to talk to or start working with. Being remote everyone is heads down and the manager usually has lots of other meetings going on. Good managers will block as much time on their calendar so they can get you up and running.
Working remote it’s really important to ask a lot of questions and invites to anything going on. Not everyone is going to remember to add you to things. Ideally there’s things lined up to do. If not, don’t stress over it. Do what’s available and then either walk away or work on a passion project.
SUMMARY
Starting a new job can be exciting and stressful at the same time. Looking back at the above patience is a big factor. I like to tell people that I start to get my bearings at three months. At six months I kind of feel like I know what I’m doing. At a year I’m finally comfortable.
Have a questions or want to share your experience? Hit the comment section below.
This blog post first appear on Exploring Information Security